FedRAMP moves to coordinate with DHS security initiative

A collaboration between FedRAMP and the Department of Homeland Security will provide for the security of data within cloud environments and network connections between agency networks and cloud services.

The Federal Risk Authorization and Management Program, or FedRAMP, issued a draft coordinating document Thursday that looks to further enhance the security of the government’s access to cloud computing.

In collaboration with the Department of Homeland Security, FedRAMP has created an overlay that integrates the Trusted Internet Connection, or TIC, program into its cloud security requirements, allowing agencies to streamline their efforts to secure their data in cloud environments while also securing network connections to the cloud.

Currently, someone wanting to access a federally approved cloud and also comply with TIC has to do so through an agency connection, which either needs to be designated as a TIC access provider or registered as a Managed Trusted IP Service. This creates a significant strain on agency networks while also cutting down on cloud’s inherent advantage: access to files anywhere, anytime or any device.


The diagram describes how the new FedRAMP-TIC overlay will allow mobile users to securely access the cloud. (FedRAMP)


With these new requirements, FedRAMP and TIC have created a way for mobile users to access the cloud without the need for a TIC access provider or a Managed Trusted IP Service.

Cloud service providers can now prove they are “TIC Ready” along with meeting FedRAMP’s other security requirements, giving agency users the ability to connect to the cloud in a variety of ways.

In a release, FedRAMP was specific in saying that this overlay is a “first step,” and the office, as well as DHS, will be working to vet the requirements and make any necessary updates.

FedRAMP will be taking feedback on the requirements until May 2.

Find the new draft overlay on the FedRAMP

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts